Security clearance reform: more questions than answers

navy yard from wikipedia

There has been a lot of talk but little action on changes to the security clearance process in the four months since the Navy Yard shooting.

It has been more than four months since the Navy Yard shooting, more than six since the Edward Snowden insider leaks began and four years since Bradley (Chelsea) Manning downloaded the first of hundreds of thousands of documents for illegal release. But the security clearance process that granted access to three of the most serious breaches of government trust in recent memory remains troubled.

Calls to reform the processes behind security clearances are not new, but they have been ratcheted up in a new era of insider threats. But there are no clear solutions to fixing the system, and it would seem that questions outnumber answers.

"You can see the magnitude of what we're dealing with" in the cases of Snowden, Manning and Navy Yard shooter Aaron Alexis, said Rep. Rob Wittman (R-Va.), as part of a panel convened by the Congressional Smart Contracting Caucus in Washington on Jan. 28. "People question, how did that person get a security clearance? What due diligence did the contractor do to make sure that didn’t happen? What happened within [the Office of Personnel Management] to manage this process? All those are questions that come up when we see these things happen around us, and they make all of us question the system."

There is plenty of debate about options, such as changing the frequency of background checks, automating information-gathering processes and centralizing data. But even the proposed solutions themselves come with numerous questions about how to implement any changes.

"We have to do some reflection. How well does the actual background check work?" asked another participant, Virginia Democratic Rep. Gerry Connolly. "What reforms are going to be needed? Does the current system of five to 10 year [interims between checks] work? Or should we move to continuous evaluation, and aren’t there problems with that too?"

Connolly noted the potential for over-reaction – say, to a late credit card payment that ends up jeopardizing someone's clearance unnecessarily – and he questioned the ability to handle and sort the data accompanying the roughly five million people holding security clearances today.

With such serious consequences on the line, anything less than perfection could be deemed a failure, which makes the reform efforts that much more complicated. Combined with timeliness issues – including a presidential directive to examine clearance processes after the Navy Yard shooting – and constrained budgets, officials need to look deep for solutions.

"We want it done better, we want it done faster, we want it done cheaper – we would all agree to that, but that involves a real hard look at what flexibilities exist in the system to increase efficiency and do things like drive automation," said Joe Jordan, public sector president at FedBid and former administrator at the Office of Federal Procurement Policy.

Besides the need to digitize information-sharing, narrowing the numerous entities involved and establishing reciprocity are at least part of the answer, Jordan added.

Many of the proposed solutions rely on the use of IT – automation, continuous evaluation, shared data banks between agencies – but it's not an easy transition to make.

"The information technology space is thought to be the one [critical area]. That's the one that needs the most attention and is the hardest to get," said John Fitzpatrick, ‎director of the information security oversight office at National Archives and Records Administration.

It also is not a new area to be explored by the government. The use of technology has been studied, including by federal entities, to little avail, noted Brenda Farrell, director of defense capabilities and management at the Government Accountability Office.

"A lot of these visions weren’t realized because they didn’t have a target. ... It's very important for the next reforms that goals are clear, who's in charge is clear and there are metrics. One metric to measure the reform efforts, and one to measure whatever phase we're trying to improve," Farrell said.

Note: This article was updated on Jan. 29 to note that the Congressional Smart Contracting Caucus convened the Jan. 28 event.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.


  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Thu, Jan 30, 2014 RayW

I have a friend who is an investigator for one of the private firms. He was complaining that he gets investigations that are months old, sometimes close to a year, and is expected to complete the background in a week or two. This often requires travel to many states (and out west there is a LOT of distance between Montana and Texas) which cuts into the investigation time. Question is, where has the paperwork been sitting all this time?

The mentioned sharing of data is good for security, but that does not obviate the need to walk around asking references about the person and finding other people that are not references to go find out more and to get away from coached answers (for my first clearance in 1970 I was told that the investigator only asked my references who else I knew, and then went and asked those other people questions.)

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above